Re: Processes HAVE been discussed to counter source-control archive attacks

[Richard Moore <rich () westpoint ltd uk>]

In KDE's CVS we have a wrapper script that has a look through commits 
for potentially unsafe code changes (such as use of printf and other 
low-ish level functions that do not validate their arguments). This then 
 marks the commits so that we can focus attention there when reviewing 
recent commits.


Rich.